Incident Response Training, Analysis of Phishing Incident, Day 12
In this full series we talk about Incident Response, and it is free training for everyone. Today is Day 12, and I will show you a real phishing incident that happened in a Security Operations Centre.
I will show you two phishing emails that came to my mailbox, and in the process of analyzing them I will explore each aspect of those emails. One email arrived when someone tried to send me malware while offering a sponsorship to BlackPerl, and the other is a credential harvesting email that tried to trick me into handing over my AWS credentials. So, in this episode:
👉 I will show you how to effectively analyze an email header with an in-house FOSS tool
👉 How to analyze credential harvesting content
👉 How to collect the IOCs (IP, email ID, domain, URL, etc.) in an easy process without knowing anything about the email beforehand
👉 How to go behind the email URL to get more IOCs
👉 An easy process to analyse the supplied malware to learn more IOCs
👉 How to contain the incident
👉 All the steps you need to take if you are an Incident Handler
So it is a full, detailed analysis of a real SOC incident with in-depth analysis. Whether you want to become a SOC analyst, want to work on real cyber incidents, are an absolute beginner or an experienced professional, each one of you should find something to learn in this episode.
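As an added example (not the tool from the video and not BlackPerl's own code), here is the header-analysis and IOC-collection step from the list above in Python: it parses a constructed credential-harvesting email, pulls the IPs, addresses, domains and URLs out of the headers and body, and flags the mismatches an analyst would note. The email, its domains and the RFC 5737 test IPs are all assumed sample data.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample phishing email (not a real message): brand-lookalike
# From, envelope sender on a different domain, RFC 5737 test IPs in the hops.
RAW_EMAIL = """\
Return-Path: <billing@aws-account-verify.example>
Received: from mail.aws-account-verify.example (mail.aws-account-verify.example [192.0.2.10])
\tby mx.example.net with ESMTP id abc123; Tue, 1 Jun 2021 10:00:00 +0000
Received: from [198.51.100.7] (unknown [198.51.100.7])
\tby mail.aws-account-verify.example with SMTP; Tue, 1 Jun 2021 09:59:00 +0000
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=aws-account-verify.example; dkim=none
From: "Amazon Web Services" <no-reply@amazon.example>
Reply-To: support@aws-account-verify.example
Subject: Action required: verify your AWS credentials
Content-Type: text/plain

Your account is suspended. Sign in at http://aws-account-verify.example/login to restore access.
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")   # bracketed IPs in Received hops
URL_RE = re.compile(r"https?://[^\s<>\"']+")
AUTH_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")      # results from the receiving MX
domain_of = lambda addr: addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def extract_iocs(raw):
    # Received headers are read top-down: first hop is the one closest to our MX.
    msg = message_from_string(raw)
    ips = list(dict.fromkeys(ip for hop in msg.get_all("Received", [])
                             for ip in IP_RE.findall(hop)))          # ordered, de-duplicated
    addrs = {k: parseaddr(msg.get(k, ""))[1] for k in ("From", "Reply-To", "Return-Path")}
    body = msg.get_payload(decode=True).decode(errors="replace")    # text/plain sample
    urls = URL_RE.findall(body)
    domains = sorted({domain_of(a) for a in addrs.values() if a} | {u.split("/")[2] for u in urls})
    auth = dict(AUTH_RE.findall(msg.get("Authentication-Results", "")))
    return {"ips": ips, "addrs": addrs, "domains": domains, "urls": urls, "auth": auth}

def triage(iocs):
    # Header checks that typically separate a credential-harvesting phish from legitimate mail.
    from_dom = domain_of(iocs["addrs"]["From"])
    flags = [f"{m}-not-pass" for m in ("spf", "dkim") if iocs["auth"].get(m) != "pass"]
    if domain_of(iocs["addrs"]["Return-Path"]) != from_dom:
        flags.append("return-path-mismatch")      # envelope sender differs from header From
    if iocs["addrs"]["Reply-To"] and domain_of(iocs["addrs"]["Reply-To"]) != from_dom:
        flags.append("reply-to-diverted")         # replies go to a domain the brand does not own
    if any(u.split("/")[2] != from_dom for u in iocs["urls"]):
        flags.append("url-domain-mismatch")       # lure link leaves the claimed brand's domain
    return flags

if __name__ == "__main__":
    print(triage(extract_iocs(RAW_EMAIL)))
```

The IPs, domains and URLs returned by `extract_iocs` are the IOCs to block or hunt for in mail and proxy logs; the flags from `triage` are the justification you record in the incident ticket.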
Tools I have used in this episode:
👉 HUNt3r, Malware Analyzer Tool (Coming Soon!)
Related Episodes:
WATCH the playlists BELOW as well if you want to make your career in DFIR and Security Operations!!
-------------------------------------------------------------------------------------------------------------------------
⌚
Timelines
-------------------------------------------------------------------------------------------------------------------------
0:00 ⏩ Pretty sketchy stuff!
0:46 ⏩ Introduction
2:13 ⏩ What are we dealing with
5:12 ⏩ Usecase1- Header Analysis
11:20 ⏩ Analyze the Malware
19:56 ⏩ Containment Steps
22:20 ⏩ Usecase2- Header Analysis
27:12 ⏩ Extract IOCs from Header
32:36 ⏩ Analyzing the URL
38:59 ⏩ Containment Steps
41:18 ⏩ Support Me and Summarize
📞📲
FOLLOW ME EVERYWHERE-
-------------------------------------------------------------------------------------------------------------------------
✔ Twitter: @blackperl_dfir
SUPPORT BLACKPERL
-------------------------------------------------------------------------------------------------------------------------
╔═╦╗╔╦╗╔═╦═╦╦╦╦╗╔═╗
║╚╣║║║╚╣╚╣╔╣╔╣║╚╣═╣
╠╗║╚╝║║╠╗║╚╣║║║║║═╣
╚═╩══╩═╩═╩═╩╝╚╩═╩═╝
➡️ SUBSCRIBE, Share, Like, Comment
-------------------------------------------------------------------------------------------------------------------------
🙏 Thanks for watching!! Be CyberAware!! 🤞